handshake

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 16, 2018 License: MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var ErrNSTPExperiment = qerr.Error(qerr.InvalidCryptoMessageParameter, "NSTP experiment. Unsupported")

ErrNSTPExperiment is returned when the client sends the NSTP tag in the CHLO. This is an experiment implemented by Chrome in QUIC 38, which we don't support at this point.

Functions

This section is empty.

Types

type ConnectionState added in v0.7.0

type ConnectionState struct {
	HandshakeComplete bool                // handshake is complete
	ServerName        string              // server name requested by client, if any (server side only)
	PeerCertificates  []*x509.Certificate // certificate chain presented by remote peer
}

ConnectionState records basic details about the QUIC connection. Warning: This API should not be considered stable and might change soon.

type Cookie struct {
	RemoteAddr string
	// The time that the STK was issued (resolution 1 second)
	SentTime time.Time
}

A Cookie is derived from the client address and can be used to verify the ownership of this address.

type CookieGenerator

type CookieGenerator struct {
	// contains filtered or unexported fields
}

A CookieGenerator generates Cookies

func NewCookieGenerator

func NewCookieGenerator() (*CookieGenerator, error)

NewCookieGenerator initializes a new CookieGenerator

func (*CookieGenerator) DecodeToken

func (g *CookieGenerator) DecodeToken(encrypted []byte) (*Cookie, error)

DecodeToken decodes a Cookie

func (*CookieGenerator) NewToken

func (g *CookieGenerator) NewToken(raddr net.Addr) ([]byte, error)

NewToken generates a new Cookie for a given source address

type CryptoSetup

type CryptoSetup interface {
	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
	// contains filtered or unexported methods
}

CryptoSetup is the crypto setup used by gQUIC

func NewCryptoSetup

func NewCryptoSetup(
	cryptoStream io.ReadWriter,
	connID protocol.ConnectionID,
	remoteAddr net.Addr,
	version protocol.VersionNumber,
	divNonce []byte,
	scfg *ServerConfig,
	params *TransportParameters,
	supportedVersions []protocol.VersionNumber,
	acceptSTK func(net.Addr, *Cookie) bool,
	paramsChan chan<- TransportParameters,
	handshakeEvent chan<- struct{},
	logger utils.Logger,
) (CryptoSetup, error)

NewCryptoSetup creates a new CryptoSetup instance for a server

func NewCryptoSetupClient

func NewCryptoSetupClient(
	cryptoStream io.ReadWriter,
	hostname string,
	connID protocol.ConnectionID,
	version protocol.VersionNumber,
	tlsConfig *tls.Config,
	params *TransportParameters,
	paramsChan chan<- TransportParameters,
	handshakeEvent chan<- struct{},
	initialVersion protocol.VersionNumber,
	negotiatedVersions []protocol.VersionNumber,
	logger utils.Logger,
) (CryptoSetup, error)

NewCryptoSetupClient creates a new CryptoSetup instance for a client

type CryptoSetupTLS added in v0.8.0

type CryptoSetupTLS interface {
	OpenHandshake(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
	Open1RTT(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
	// contains filtered or unexported methods
}

CryptoSetupTLS is the crypto setup used by IETF QUIC

func NewCryptoSetupTLSClient

func NewCryptoSetupTLSClient(
	cryptoStream io.ReadWriter,
	connID protocol.ConnectionID,
	config *mint.Config,
	handshakeEvent chan<- struct{},
	version protocol.VersionNumber,
) (CryptoSetupTLS, error)

NewCryptoSetupTLSClient creates a new TLS CryptoSetup instance for a client

func NewCryptoSetupTLSServer

func NewCryptoSetupTLSServer(
	cryptoStream io.ReadWriter,
	connID protocol.ConnectionID,
	config *mint.Config,
	handshakeEvent chan<- struct{},
	version protocol.VersionNumber,
) (CryptoSetupTLS, error)

NewCryptoSetupTLSServer creates a new TLS CryptoSetup instance for a server

type HandshakeMessage

type HandshakeMessage struct {
	Tag  Tag
	Data map[Tag][]byte
}

A HandshakeMessage is a handshake message

func ParseHandshakeMessage

func ParseHandshakeMessage(r io.Reader) (HandshakeMessage, error)

ParseHandshakeMessage reads a crypto message

func (HandshakeMessage) String

func (h HandshakeMessage) String() string

func (HandshakeMessage) Write

func (h HandshakeMessage) Write(b *bytes.Buffer)

Write writes a crypto message

type KeyDerivationFunction

type KeyDerivationFunction func(crypto.TLSExporter, protocol.Perspective) (crypto.AEAD, error)

KeyDerivationFunction is used for key derivation

type KeyExchangeFunction

type KeyExchangeFunction func() (crypto.KeyExchange, error)

KeyExchangeFunction is used to make a new KEX

type QuicCryptoKeyDerivationFunction

type QuicCryptoKeyDerivationFunction func(forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte, pers protocol.Perspective) (crypto.AEAD, error)

QuicCryptoKeyDerivationFunction is used for key derivation

type Sealer

type Sealer interface {
	Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte
	Overhead() int
}

Sealer seals a packet

type ServerConfig

type ServerConfig struct {
	ID []byte
	// contains filtered or unexported fields
}

ServerConfig is a server config

func NewServerConfig

func NewServerConfig(kex crypto.KeyExchange, certChain crypto.CertChain) (*ServerConfig, error)

NewServerConfig creates a new server config

func (*ServerConfig) Get

func (s *ServerConfig) Get() []byte

Get the server config binary representation

func (*ServerConfig) GetCertsCompressed

func (s *ServerConfig) GetCertsCompressed(sni string, commonSetHashes, compressedHashes []byte) ([]byte, error)

GetCertsCompressed returns the certificate data

func (*ServerConfig) Sign

func (s *ServerConfig) Sign(sni string, chlo []byte) ([]byte, error)

Sign the server config and CHLO with the server's keyData

type TLSExtensionHandler

type TLSExtensionHandler interface {
	Send(mint.HandshakeType, *mint.ExtensionList) error
	Receive(mint.HandshakeType, *mint.ExtensionList) error
	GetPeerParams() <-chan TransportParameters
}

A TLSExtensionHandler sends and received the QUIC TLS extension. It provides the parameters sent by the peer on a channel.

func NewExtensionHandlerClient

func NewExtensionHandlerClient(
	params *TransportParameters,
	initialVersion protocol.VersionNumber,
	supportedVersions []protocol.VersionNumber,
	version protocol.VersionNumber,
	logger utils.Logger,
) TLSExtensionHandler

NewExtensionHandlerClient creates a new extension handler for the client.

func NewExtensionHandlerServer

func NewExtensionHandlerServer(
	params *TransportParameters,
	supportedVersions []protocol.VersionNumber,
	version protocol.VersionNumber,
	logger utils.Logger,
) TLSExtensionHandler

NewExtensionHandlerServer creates a new extension handler for the server

type Tag

type Tag uint32

A Tag in the QUIC crypto

const (
	// TagCHLO is a client hello
	TagCHLO Tag = 'C' + 'H'<<8 + 'L'<<16 + 'O'<<24
	// TagREJ is a server hello rejection
	TagREJ Tag = 'R' + 'E'<<8 + 'J'<<16
	// TagSCFG is a server config
	TagSCFG Tag = 'S' + 'C'<<8 + 'F'<<16 + 'G'<<24

	// TagPAD is padding
	TagPAD Tag = 'P' + 'A'<<8 + 'D'<<16
	// TagSNI is the server name indication
	TagSNI Tag = 'S' + 'N'<<8 + 'I'<<16
	// TagVER is the QUIC version
	TagVER Tag = 'V' + 'E'<<8 + 'R'<<16
	// TagCCS are the hashes of the common certificate sets
	TagCCS Tag = 'C' + 'C'<<8 + 'S'<<16
	// TagCCRT are the hashes of the cached certificates
	TagCCRT Tag = 'C' + 'C'<<8 + 'R'<<16 + 'T'<<24
	// TagMSPC is max streams per connection
	TagMSPC Tag = 'M' + 'S'<<8 + 'P'<<16 + 'C'<<24
	// TagMIDS is max incoming dyanamic streams
	TagMIDS Tag = 'M' + 'I'<<8 + 'D'<<16 + 'S'<<24
	// TagUAID is the user agent ID
	TagUAID Tag = 'U' + 'A'<<8 + 'I'<<16 + 'D'<<24
	// TagSVID is the server ID (unofficial tag by us :)
	TagSVID Tag = 'S' + 'V'<<8 + 'I'<<16 + 'D'<<24
	// TagTCID is truncation of the connection ID
	TagTCID Tag = 'T' + 'C'<<8 + 'I'<<16 + 'D'<<24
	// TagPDMD is the proof demand
	TagPDMD Tag = 'P' + 'D'<<8 + 'M'<<16 + 'D'<<24
	// TagSRBF is the socket receive buffer
	TagSRBF Tag = 'S' + 'R'<<8 + 'B'<<16 + 'F'<<24
	// TagICSL is the idle connection state lifetime
	TagICSL Tag = 'I' + 'C'<<8 + 'S'<<16 + 'L'<<24
	// TagNONP is the client proof nonce
	TagNONP Tag = 'N' + 'O'<<8 + 'N'<<16 + 'P'<<24
	// TagSCLS is the silently close timeout
	TagSCLS Tag = 'S' + 'C'<<8 + 'L'<<16 + 'S'<<24
	// TagCSCT is the signed cert timestamp (RFC6962) of leaf cert
	TagCSCT Tag = 'C' + 'S'<<8 + 'C'<<16 + 'T'<<24
	// TagCOPT are the connection options
	TagCOPT Tag = 'C' + 'O'<<8 + 'P'<<16 + 'T'<<24
	// TagCFCW is the initial session/connection flow control receive window
	TagCFCW Tag = 'C' + 'F'<<8 + 'C'<<16 + 'W'<<24
	// TagSFCW is the initial stream flow control receive window.
	TagSFCW Tag = 'S' + 'F'<<8 + 'C'<<16 + 'W'<<24

	// TagNSTP is the no STOP_WAITING experiment
	// currently unsupported by quic-go
	TagNSTP Tag = 'N' + 'S'<<8 + 'T'<<16 + 'P'<<24

	// TagSTK is the source-address token
	TagSTK Tag = 'S' + 'T'<<8 + 'K'<<16
	// TagSNO is the server nonce
	TagSNO Tag = 'S' + 'N'<<8 + 'O'<<16
	// TagPROF is the server proof
	TagPROF Tag = 'P' + 'R'<<8 + 'O'<<16 + 'F'<<24

	// TagNONC is the client nonce
	TagNONC Tag = 'N' + 'O'<<8 + 'N'<<16 + 'C'<<24
	// TagXLCT is the expected leaf certificate
	TagXLCT Tag = 'X' + 'L'<<8 + 'C'<<16 + 'T'<<24

	// TagSCID is the server config ID
	TagSCID Tag = 'S' + 'C'<<8 + 'I'<<16 + 'D'<<24
	// TagKEXS is the list of key exchange algos
	TagKEXS Tag = 'K' + 'E'<<8 + 'X'<<16 + 'S'<<24
	// TagAEAD is the list of AEAD algos
	TagAEAD Tag = 'A' + 'E'<<8 + 'A'<<16 + 'D'<<24
	// TagPUBS is the public value for the KEX
	TagPUBS Tag = 'P' + 'U'<<8 + 'B'<<16 + 'S'<<24
	// TagOBIT is the client orbit
	TagOBIT Tag = 'O' + 'B'<<8 + 'I'<<16 + 'T'<<24
	// TagEXPY is the server config expiry
	TagEXPY Tag = 'E' + 'X'<<8 + 'P'<<16 + 'Y'<<24
	// TagCERT is the CERT data
	TagCERT Tag = 0xff545243

	// TagSHLO is the server hello
	TagSHLO Tag = 'S' + 'H'<<8 + 'L'<<16 + 'O'<<24

	// TagPRST is the public reset tag
	TagPRST Tag = 'P' + 'R'<<8 + 'S'<<16 + 'T'<<24
	// TagRSEQ is the public reset rejected packet number
	TagRSEQ Tag = 'R' + 'S'<<8 + 'E'<<16 + 'Q'<<24
	// TagRNON is the public reset nonce
	TagRNON Tag = 'R' + 'N'<<8 + 'O'<<16 + 'N'<<24
)

type TransportParameters

type TransportParameters struct {
	StreamFlowControlWindow     protocol.ByteCount
	ConnectionFlowControlWindow protocol.ByteCount

	MaxPacketSize protocol.ByteCount

	MaxUniStreams  uint16 // only used for IETF QUIC
	MaxBidiStreams uint16 // only used for IETF QUIC
	MaxStreams     uint32 // only used for gQUIC

	OmitConnectionID bool // only used for gQUIC
	IdleTimeout      time.Duration
	DisableMigration bool // only used for IETF QUIC

}

TransportParameters are parameters sent to the peer during the handshake

func (*TransportParameters) String added in v0.8.0

func (p *TransportParameters) String() string

String returns a string representation, intended for logging. It should only used for IETF QUIC.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL